package com.itqf.controller;

import com.itqf.entity.SysUsers;
import com.itqf.utils.R;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authz.annotation.*;
import org.apache.shiro.crypto.hash.Md5Hash;
import org.apache.shiro.session.Session;
import org.apache.shiro.subject.Subject;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;


/**
 * @Description:
 * @Company: 千锋互联
 * @Author: 李丽婷
 * @Date: 2020/11/20
 * @Time: 上午11:49
 */
@Controller
public class UsersController {

    Logger logger = LoggerFactory.getLogger(UsersController.class);

//非前后端分离
    @RequestMapping("/doLogin")
    //游客
    @RequiresGuest  //The current Subject is not a guest
    public   String doLogin(String  username, String password, Model model){
        System.out.println("--->doLogin username = "+username+"---password="+password);
        //1.username和password封装成UsernamePasswordToken
        //密码加密
        Md5Hash md5Hash1 = new Md5Hash(password,username,1024);

        UsernamePasswordToken usernamePasswordToken =
                new UsernamePasswordToken(username,md5Hash1.toString());
        //2.得到Subject对象
        Subject subject = SecurityUtils.getSubject();

        try {
            //3.登录 --->  shiro会调用自定义Realm中的认证方法 doGetAuthenticationInfo
            subject.login(usernamePasswordToken);

            subject.getSession().setAttribute("username",username);
            return "/success.jsp";
        } catch (AuthenticationException e) {

            model.addAttribute("errorMsg",e.getMessage());
            e.printStackTrace();
        }

        return  "/login.jsp";

    }

    /**
     * 前后端分离
     * @param username
     * @param password
     * @param model
     * @return
     */
    @RequestMapping("/doLogin1")
    @ResponseBody
    public R doLogin1(String  username, String password, Model model){
        System.out.println("--->doLogin username = "+username+"---password="+password);
        //1.username和password封装成UsernamePasswordToken
        //密码加密
        Md5Hash md5Hash1 = new Md5Hash(password,username,1024);

        UsernamePasswordToken usernamePasswordToken =
                new UsernamePasswordToken(username,md5Hash1.toString());
        //2.得到Subject对象
        Subject subject = SecurityUtils.getSubject();

        //得到session
        Session session = subject.getSession();
        session.setAttribute("users",username);
        System.out.println(session.getAttribute("users"));

       //记住我
        usernamePasswordToken.setRememberMe(true);

        try {
            //3.登录 --->  shiro会调用自定义Realm中的认证方法 doGetAuthenticationInfo
            subject.login(usernamePasswordToken);


           return  R.ok();
        } catch (AuthenticationException e) {

           // model.addAttribute("errorMsg",e.getMessage());
            e.printStackTrace();
            return R.error(e.getMessage());
        }

    }


    @RequestMapping("/addUser")
    //具有角色能访问
    //logical = Logical.OR  或者
    //logical = Logical.AND  并且
    @RequiresRoles(value = {"管理员","CEO"},logical = Logical.OR)
    //@RequiresRoles(value = {"管理员"})
    @ResponseBody
    public  R add(){
        logger.info("---->新增用户");
        return  R.ok();
    }

    @RequestMapping("/updateUser")
    //具有权限能访问
    @RequiresPermissions("sys:user:update")
    @ResponseBody
    public  R update(){
        logger.info("---->修改用户");
        return  R.ok();
    }


    @RequestMapping("/updateOrder")
    //具有权限能访问
    @RequiresPermissions("sys:order:update")
    @ResponseBody
    public  R updateOrder(){
        logger.info("---->修改订单");
        return  R.ok();
    }


    @RequestMapping("/cartList")
    //勾选了记住我后能访问
   // @RequiresUser
    @ResponseBody
    public  R cartList(){
        logger.info("---->查看购物车");
        return  R.ok();
    }


    @RequestMapping("/logOut")
    public   String logout(){
        //退出  --》清空会话
        Subject subject = SecurityUtils.getSubject();
        subject.logout();

        return "login.jsp";
    }

    @RequestMapping("/logOut1")
    @ResponseBody
    public   R logout1(){
        //退出  --》清空会话
        Subject subject = SecurityUtils.getSubject();
        subject.logout();

        return R.ok();//code==0
    }

    @RequestMapping("/userInfo")
    @ResponseBody
    public  R  userInfo(){
        /**
         * 自定义Realm认证的方法中   存储到shiro内部
         *   public SimpleAuthenticationInfo(Object principal, Object credentials, String realmName) {
         *         this.principals = new SimplePrincipalCollection(principal, realmName);
         *         this.credentials = credentials;
         *     }
         */
        SysUsers users = (SysUsers) SecurityUtils.getSubject().getPrincipal();

        return  R.ok().put("username",users.getUsername());
    }
}
